function it_does_not_serialize_project_when_the_user_does_not_allowed(ProjectOfIdQuery $query, ProjectRepository $repository, Project $project, OrganizationId $organizationId, OrganizationRepository $organizationRepository, Organization $organization) { $query->projectId()->shouldBeCalled()->willReturn('project-id'); $repository->projectOfId(ProjectId::generate('project-id'))->shouldBeCalled()->willReturn($project); $project->organizationId()->shouldBeCalled()->willReturn($organizationId); $organizationRepository->organizationOfId($organizationId)->shouldBeCalled()->willReturn($organization); $query->userId()->shouldBeCalled()->willReturn('user-id'); $organization->isOrganizationMember(UserId::generate('user-id'))->shouldBeCalled()->willReturn(false); $this->shouldThrow(UnauthorizedProjectResourceException::class)->during__invoke($query); }
public function __invoke(ProjectOfIdQuery $query) { $project = $this->repository->projectOfId(ProjectId::generate($query->projectId())); if (!$project instanceof Project) { throw new ProjectDoesNotExistException(); } $organization = $this->organizationRepository->organizationOfId($project->organizationId()); if (!$organization->isOrganizationMember(UserId::generate($query->userId()))) { throw new UnauthorizedProjectResourceException(); } $this->dataTransformer->write($project); return $this->dataTransformer->read(); }